CVE-2007-6638

NONECVSS 0.0

0.0

March Networks DVR 3204 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, passwords, device names, and IP addresses via a direct request for scripts/logfiles.tar.gz.

🔗 References (16)

cve@mitrehttp://osvdb.org/39726
cve@mitrehttp://secunia.com/advisories/28211
cve@mitrehttp://www.milw0rm.com/papers/190
cve@mitrehttp://www.securityfocus.com/bid/27054
cve@mitrehttp://www.sybsecurity.com/advisors/SYBSEC-ADV14-March_Networks_DVR_3204_Logfile_Information_Disclosure
cve@mitrehttp://www.sybsecurity.com/pages/advisors/static/dvr3204_exp.txt
cve@mitrehttp://www.sybsecurity.com/resources/static/An_Insecurity_Overview_of_the_March_Networks_DVR-CCTV_3204.pdf
cve@mitrehttps://www.exploit-db.com/exploits/4797
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/39726
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28211
af854a3a-2127-422b-91ae-364da2661108http://www.milw0rm.com/papers/190
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27054
af854a3a-2127-422b-91ae-364da2661108http://www.sybsecurity.com/advisors/SYBSEC-ADV14-March_Networks_DVR_3204_Logfile_Information_Disclosure
af854a3a-2127-422b-91ae-364da2661108http://www.sybsecurity.com/pages/advisors/static/dvr3204_exp.txt
af854a3a-2127-422b-91ae-364da2661108http://www.sybsecurity.com/resources/static/An_Insecurity_Overview_of_the_March_Networks_DVR-CCTV_3204.pdf

Is Your Infrastructure Affected by CVE-2007-6638?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-6638

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-6638?